My love and hate relationship with Pertino AD Connect
-
@JaredBusch said:
This has nothing to do with Pertino settings.
It's a Windows setting, true, but Pertino probably has default settings it writes to Windows, such as the order of priority of the adapters. That's probably why it didn't stay put, because it wasn't a Pertino setting, but it's something Pertino sets.
-
@JaredBusch said:
I hate Pertino when it decides to route local traffic over itself. This kills the MS Dynamics application that my client uses..
Why would it do this? Wouldn't most people want to make the LAN the priority for performance reasons?
-
@Carnival-Boy said:
@JaredBusch said:
I hate Pertino when it decides to route local traffic over itself. This kills the MS Dynamics application that my client uses..
Why would it do this? Wouldn't most people want to make the LAN the priority for performance reasons?
Probably for DNS reasons, which is a double-edged sword. Ping a device that's on the VPN but not local and with Pertino being primary it'll resolve. Otherwise, it might not.
-
The problem occurs when you enable AD Connect.
David just told me in an email that version 430 should have a new feature implemented to allow local subnets to be defined in order to force Pertino to leave that traffic alone.
-
@JaredBusch said:
The problem occurs when you enable AD Connect.
David just told me in an email that version 430 should have a new feature implemented to allow local subnets to be defined in order to force Pertino to leave that traffic alone.
Does it not have defined routed networks? so you don't have to define local.
-
If memory serves me correctly, each update actually removes the Pertino adapter and recreates a new adapter when the update is complete. If the order is being moved around to me that seems like the logical scenario.
-
@Bill-Kindle said:
If memory serves me correctly, each update actually removes the Pertino adapter and recreates a new adapter when the update is complete. If the order is being moved around to me that seems like the logical scenario.
They are fixing that.
-
@scottalanmiller I remember having a chat with them back last year about that and it was something they were still working on. I can see it being an issue here but in my experience this is similar to any other VPN connection I've ever dealt with. CheckPoint VPN does the same thing, just fought this a few months ago on a laptop I manage. Messed up all kinds of CAD licensing that was looking for a certain NIC interface to authenticate a license.
-
@scottalanmiller said:
They are fixing that.
They are attempting to fix it. I think the defined local subnets in 430 are a workaround for the issue.
-
@JaredBusch Correct. This has been the one downside for AD Connect if you have users that frequent the office. Traffic is forced across the Pertino interface. 430 will allow you to designate "zones" where devices use local routes instead.